remark-cli
Comparing version 7.0.0 to 7.0.1
{ | ||
"name": "remark-cli", | ||
"version": "7.0.0", | ||
"version": "7.0.1", | ||
"description": "CLI to process Markdown with remark using plugins", | ||
@@ -17,2 +17,6 @@ "license": "MIT", | ||
"bugs": "https://github.com/remarkjs/remark/issues", | ||
"funding": { | ||
"type": "opencollective", | ||
"url": "https://opencollective.com/unified" | ||
}, | ||
"author": "Titus Wormer <tituswormer@gmail.com> (https://wooorm.com)", | ||
@@ -19,0 +23,0 @@ "contributors": [ |
@@ -33,7 +33,8 @@ # remark-cli | ||
<br><br>🥇 | ||
<a href="https://www.gatsbyjs.org">Gatsby</a></td> | ||
<a href="https://www.gatsbyjs.org">Gatsby</a> | ||
</td> | ||
<td width="20%" align="center"> | ||
<a href="https://compositor.io"><img src="https://avatars1.githubusercontent.com/u/19245838?s=400&v=4"></a> | ||
<br><br>🥉 | ||
<a href="https://compositor.io">Compositor</a> | ||
<a href="https://www.netlify.com"><img src="https://avatars1.githubusercontent.com/u/7892489?s=400&v=4"></a> | ||
<br><br>🥇 | ||
<a href="https://www.netlify.com">Netlify</a> | ||
</td> | ||
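Review bot: the `<img>` elements in these sponsor cells, including the one added for Netlify, have no `alt` attribute, so the logo conveys nothing when the remote image from avatars1.githubusercontent.com fails to load or is blocked. Suggest adding `alt="Netlify"` (and the matching text for the other cells) while the table is being touched.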
@@ -120,2 +121,12 @@ <td width="20%" align="center"> | ||
## Security | ||
As Markdown is sometimes used for HTML, and improper use of HTML can open you up | ||
to a [cross-site scripting (XSS)][xss] attack, use of remark can also be unsafe. | ||
When going to HTML, use remark in combination with the [**rehype**][rehype] | ||
ecosystem, and use [`rehype-sanitize`][sanitize] to make the tree safe. | ||
Use of remark plugins could also open you up to other attacks. | ||
Carefully assess each plugin and the risks involved in using them. | ||
## Contribute | ||
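Review bot: the sentence "use `rehype-sanitize` to make the tree safe" in the new Security section does not say where in the pipeline the sanitizer has to sit. Suggest stating that it should run after every other plugin that can add or change nodes, since the following sentence already concedes that plugins can introduce risk. "Carefully assess each plugin" would also be more actionable with one or two concrete criteria, for example whether a plugin emits raw HTML or touches the file system.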
@@ -194,1 +205,7 @@ | ||
[announcement]: https://medium.com/unifiedjs/collectively-evolving-through-crowdsourcing-22c359ea95cc | ||
[xss]: https://en.wikipedia.org/wiki/Cross-site_scripting | ||
[rehype]: https://github.com/rehypejs/rehype | ||
[sanitize]: https://github.com/rehypejs/rehype-sanitize |
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package